Engine Pack Version 9.6.7

CxSAST Engine

Languages & Frameworks

The Supported Code Languages and Frameworks page lists all supported versions of code languages and frameworks.

Rust

Rust support has been improved with additional queries.

The following queries are available as part of this version:

  • High_Risk: Rust_High_Risk

    • DynamoDB_NoSQL_Injection

    • AWS_Credentials_Leak

  • Medium_Risk: Rust_Medium_Threat

    • Excessive_Data_Exposure

    • External_Control_of_System_or_Config_Setting

    • Hardcoded_AWS_Credentials

    • Improper_Locking

    • PCI_Data_Exposure_in_JWT

    • Secret_Leak_in_JWT

    • Use_of_Native_Language

  • Low_Risk: Rust_Low_Visibility

    • Compromised_CDN

    • Dangerous_File_Extension

    • Heap_Inspection

    • Improper_Resource_Shutdown_or_Release

    • Incorrect_Permission_Assignment_For_Critical_Resources

    • Off_By_One_Error

    • Race_Condition_In_Cross_Functionality

    • Serializable_Class_Containing_Sensitive_Data

    • sage_of_temp_dir

CSharp

CSharp support was updated to version 12.

RPG

The performance of the RPG Resolver was improved. In the language support, Prototypes are now represented as Method Signatures.

Presets

ASA Premium

The ASA Premium preset has been updated to include additional Rust queries.

CWE Top 25

The CWE Top 25 preset and its corresponding category have been updated to support version 2023.

Critical Severity

Critical severity will be added to the SAST engine's list of severity options in the upcoming major version, 9.7.0.

Queries

To include the Critical severity, all queries will be revised and their severity adjusted accordingly.

Details on the affected queries can be found on the Queries Severity Revision page.

Presets

  • No presets will be created or renamed.

  • The following presets will be updated:

    • High, Medium, and Low

      • Queries reclassified from High/Medium/Low to Critical are kept in this preset.

      • Queries reclassified from High/Medium/Low to Info are removed from this preset.

      • All other queries that move between the High, Medium, and Low severities are kept in the preset (example: a query reclassified from High to Medium or from Low to Medium is kept in the preset).

    • High and Medium

      • Queries reclassified from High/Medium to Critical are kept in this preset.

      • Queries reclassified from Low to Critical/High/Medium are added to this preset.

      • Queries reclassified from High/Medium to Low/Info are removed from this preset.

      • All other queries that move between the High and Medium severities are kept in the preset (example: a query reclassified from Medium to High is kept in the preset).

  • For all other presets, no queries have been added or removed. The only changes are reclassifications of query severities, as detailed on the Queries Severity Revision page referenced above.

Scans & Results

The new severity will be reflected only in new scans executed after upgrading to 9.7.0; older scans and results are unaffected.